
Cybersecurity Analyst
Department: Information Technology Solutions (2550) - Victoria, British Columbia
POSITION: Cybersecurity Analyst
DEPARTMENT / DIVISION / SECTION: Police / Information Technology Solutions / Information Risk Management
Competition Number: P16-26
Date of Issue: April 28/2026
Closing Date: May 19/2026
Pay Group: $55.64/hour (CUPE Pay Grade 17)
Number of Positions: 1
Duration: Regular Full-Time
Work Schedule: Monday through Friday, 35 hours per week
To Apply: All submissions shall be sent electronically by 4:30pm on the above closing date and should include all qualifications and experience relevant to the position.
POSITION FUNCTION:
The Cybersecurity Analyst functions at an intermediate level as a shared resource between the Information Technology Solutions Section - Information Risk Management Division and the Economic Crime Unit (Cybercrime) - Investigative Services Section, providing specialized expertise in cybersecurity risk management and cybercrime support. This position is responsible for proactively identifying, assessing, and mitigating cybersecurity risks; monitoring and responding to security incidents; and supporting both preventative security initiatives and active cybercrime investigations. The role requires the application of established cybersecurity principles, technologies, and best practices, as well as effective collaboration with multidisciplinary teams to enhance organizational security posture and investigative outcomes.
KEY DUTIES:
Cybersecurity Analysis & Risk Mitigation (approx. 75% Information Technology focus):
Vulnerability Management: Conduct regular vulnerability assessments, penetration testing and threat hunting to identify security weaknesses in systems and applications.
Risk Assessment: Analyze identified vulnerabilities and threats to assess potential risks to the organization’s data, systems, and operations. Develop and recommend mitigation strategies.
Security Monitoring: Monitor network traffic, security logs, and system activity for suspicious behavior and potential security breaches using tools such as EDR, SIEM tools, IDS/IPS, email security, user reports, and others.
Incident Response: Participate in the investigation of security incidents, including containment, eradication, and recovery efforts. Perform security investigations and post-event analysis ensuring security incidents are thoroughly documented.
Policy & Procedure Support: Assist in the development, implementation, and maintenance of cybersecurity policies, standards, and procedures, ensuring alignment with relevant compliance standards (FIPPA, NIST, CIS, and police agency regulations).
Security Awareness Training: Develop and deliver security awareness training to employees to promote best practices and reduce the risk of human error.
Threat Intelligence: Stay up to date on the latest cybersecurity threats, vulnerabilities, and attack vectors.
Security Infrastructure: Install, maintain, and operate security software systems.
Cybercrime Support & Collaboration (approx. 25% Investigative Services focus):
Technical Expertise: Provide technical guidance and subject matter expertise to the Economic Crime Unit (Cybercrime) investigators.
Consulting and Advisory: Act as a technical consultant and advisor on investigations or community consultations that require significant technical skill and expertise.
Tooling & Support: Provide ongoing training and support to the Economic Crime Unit (Cybercrime) on the use of cybersecurity tools and techniques.
Civilian Consistency: Provide a consistent civilian perspective and expertise within the Economic Crime Unit (Cybercrime).
Reporting & Documentation: Prepare clear and concise technical reports, documentation, and evidence for investigations and incident responses, charge assessment, and prosecution. This position may require attendance in court as a witness.
Security Data Analysis: For risk reduction, threat detection, investigation, and evidence preservation.
Knowledge of Criminal Law: Support investigations and operational decisions.
Perform related duties where qualified.
INDEPENDENCE:
Work is generated by operational demand and is performed according to established policies and procedures.
Work is reviewed through discussions with the Manager.
Issues such as major changes to policy development and annual goals are discussed with the Manager with recommendations.
WORKING CONDITIONS:
Physical Effort:
Sit with arms unsupported while keyboarding. (often)
Lift and carry medium weight stacks of files and boxes. (occasional)
Mental Effort:
Exposure to disturbing materials. (occasional)
Meet multiple deadlines. (often)
Visual/Auditory Effort:
Focus on a variety of source data and computer for long periods. (frequent)
Work Environment:
Office.
KEY SKILLS AND ABILITIES:
Solid understanding of networking protocols, operating systems (Windows, Linux), and security concepts.
Familiarity with digital forensics principles and tools is preferred.
Knowledge of scripting languages (e.g., Python, PowerShell).
Knowledge of security principles and best practices.
Familiarity with security tools and technologies such as: Security Information and Event Management (SIEM) systems, ZTNA (Zero Trust Network Architecture), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), firewalls, Endpoint Detection and Response (EDR) and Antivirus (AV) systems, Network Access Control (NAC) systems, Data Loss Prevention (DLP) systems, vulnerability scanners, red team/penetration testing tools, and security education and awareness platforms.
Proficiency in utilizing various security assessment tools and frameworks for both IT/OT including but not limited to Kali Linux, Nessus, Burp Suite, CIS benchmarks, MITRE ATT&CK, intrusion detection/prevention systems (IDS/IPS), firewalls, and endpoint protection platforms.
Experience with Microsoft Security stack (MDO, MDE, MDI, Purview and Sentinel).
Familiarity with web application security concepts such as OWASP Top 10.
Familiarity with Cybersecurity Frameworks for both IT/OT such as NIST CSF 2.0, ISO27001/27002 and CIS v8 etc.
Familiarity with both Red and Blue (Purple) team cybersecurity activities to provide both proactive and reactive cyber incident response.
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills, with the ability to explain technical concepts to both technical and non-technical audiences.
Ability to work independently and as part of a team.
Strong attention to detail and ability to prioritize tasks.
QUALIFICATIONS:
Formal Education, Training and Occupational Certification:
Degree or diploma in Computer Science or a related field. (minimum 3 years)
Current and valid Class 5 B.C. Driver’s Licence.
Experience:
Minimum of 4 years of related experience, including supervisory experience or an equivalent combination of education and experience.
OTHER:
Required to obtain enhanced security and criminal record clearance.
Required to sign attestation of confidentiality.
May be requested to substitute in a more senior position.
May be required to obtain Special Municipal Constable status.
This is a CUPE Local 50 position.